The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of TWS

vulnerability note CVE-2013-0169

OpenSSL: information disclosure in CBC mode, Lucky 13

Synthesis of the vulnerability

An attacker can inject incorrectly encrypted messages into a TLS/DTLS session in CBC mode and measure the delay before the error message is received, in order to progressively guess the plaintext of the session.
Impacted products: Debian, Fedora, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, ePO, NetScreen Firewall, ScreenOS, OpenSSL, openSUSE, openSUSE Leap, Solaris, pfSense, RHEL, JBoss EAP by Red Hat, Slackware, SUSE Linux Enterprise Desktop, SLES, ESX, ESXi, VMware vSphere, VMware vSphere Hypervisor.
Severity: 1/4.
Consequences: data reading.
Provenance: LAN.
Creation date: 12/02/2013.
Identifiers: 1643316, c03710522, c03883001, CERTA-2013-AVI-454, CVE-2013-0169, DSA-2621-1, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESXi410-201307001, ESXi410-201307401-SG, FEDORA-2013-2793, FEDORA-2013-2834, FEDORA-2013-4403, FreeBSD-SA-13:03.openssl, HPSBUX02856, HPSBUX02909, JSA10575, JSA10759, Lucky 13, MDVSA-2013:018, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2016:0640-1, RHSA-2013:0587-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, RHSA-2013:1455-01, RHSA-2013:1456-01, RHSA-2014:0416-01, SB10041, SSA:2013-042-01, SSRT101104, SSRT101289, SUSE-SU-2014:0320-1, VIGILANCE-VUL-12394, VMSA-2013-0009.

Description of the vulnerability

The bulletin VIGILANCE-VUL-12374 describes a vulnerability of TLS/DTLS.

For OpenSSL, the solution VIGILANCE-SOL-28668 corrected this vulnerability. However, this solution was not complete.

An attacker can therefore still inject incorrectly encrypted messages into a TLS/DTLS session in CBC mode and measure the delay before the error message is received, in order to progressively guess the plaintext of the session.

computer vulnerability bulletin CVE-2013-0166

OpenSSL: denial of service via OCSP

Synthesis of the vulnerability

An attacker can set up a malicious OCSP server, in order to stop OpenSSL applications which connect to it.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, Juniper J-Series, Junos OS, McAfee Email and Web Security, ePO, OpenSSL, openSUSE, openSUSE Leap, Solaris, pfSense, RHEL, JBoss EAP by Red Hat, Slackware, ESX, ESXi, vCenter Server, VMware vSphere, VMware vSphere Hypervisor.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: internet server.
Creation date: 05/02/2013.
Identifiers: 1643316, BID-57755, BID-60268, c03710522, c03883001, CERTA-2013-AVI-099, CERTA-2013-AVI-387, CERTA-2013-AVI-454, CERTFR-2014-AVI-112, CVE-2013-0166, DSA-2621-1, ESX400-201310001, ESX400-201310401-SG, ESX400-201310402-SG, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESXi410-201307001, ESXi410-201307401-SG, FEDORA-2013-2793, FEDORA-2013-2834, FreeBSD-SA-13:03.openssl, HPSBUX02856, HPSBUX02909, JSA10575, JSA10580, MDVSA-2013:018, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2016:0640-1, RHSA-2013:0587-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, sol14261, SSA:2013-040-01, SSRT101104, SSRT101289, VIGILANCE-VUL-12378, VMSA-2013-0006.1, VMSA-2013-0009, VMSA-2013-0009.1, VMSA-2013-0009.2.

Description of the vulnerability

The OCSP (Online Certificate Status Protocol) extension checks the validity of certificates.

The OCSP_basic_verify() function of the crypto/ocsp/ocsp_vfy.c file decodes the received OCSP reply. However, if the key is empty, a NULL pointer is dereferenced.

An attacker can therefore set up a malicious OCSP server, in order to stop OpenSSL applications which connect to it.

computer vulnerability announce CVE-2012-2686

OpenSSL: denial of service via CBC and AES-NI

Synthesis of the vulnerability

When an application linked to OpenSSL runs on a processor with AES-NI, an attacker can stop TLS sessions in CBC mode.
Impacted products: HP-UX, Tivoli Workload Scheduler, OpenSSL, openSUSE, Slackware.
Severity: 2/4.
Consequences: denial of service on service, denial of service on client.
Provenance: internet client.
Creation date: 05/02/2013.
Identifiers: 1643316, BID-57755, c03883001, CERTA-2013-AVI-099, CVE-2012-2686, HPSBUX02909, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, SSA:2013-040-01, SSRT101289, VIGILANCE-VUL-12377.

Description of the vulnerability

Since 2008, some x86 processors implement the AES-NI instructions, which let the processor perform an AES computation with a single instruction.

When an application linked to OpenSSL runs on a processor with AES-NI, an attacker can stop TLS sessions in CBC mode.

The error could be located in the aesni_cbc_hmac_sha1_cipher() function of the crypto/evp/e_aes_cbc_hmac_sha1.c file.

vulnerability note CVE-2013-0169 CVE-2013-1619 CVE-2013-1620

TLS, DTLS: information disclosure in CBC mode, Lucky 13

Synthesis of the vulnerability

An attacker can inject incorrectly encrypted messages into a TLS/DTLS session in CBC mode and measure the delay before the error message is received, in order to progressively guess the plaintext of the session.
Impacted products: Bouncy Castle JCE, Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, DB2 UDB, Tivoli Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere MQ, Juniper J-Series, Junos OS, Junos Space, NSM Central Manager, NSMXpress, Mandriva Linux, McAfee Email and Web Security, ePO, MySQL Enterprise, NetScreen Firewall, ScreenOS, Java OpenJDK, OpenSSL, openSUSE, openSUSE Leap, Opera, Java Oracle, Solaris, pfSense, SSL protocol, RHEL, JBoss EAP by Red Hat, Slackware, SUSE Linux Enterprise Desktop, SLES, Unix (platform) ~ not comprehensive, ESX, ESXi, vCenter Server, VMware vSphere, VMware vSphere Hypervisor.
Severity: 1/4.
Consequences: data reading.
Provenance: LAN.
Number of vulnerabilities in this bulletin: 7.
Creation date: 05/02/2013.
Identifiers: 1639354, 1643316, 1672363, BID-57736, BID-57774, BID-57776, BID-57777, BID-57778, BID-57780, BID-57781, c03710522, c03883001, CERTA-2013-AVI-099, CERTA-2013-AVI-109, CERTA-2013-AVI-339, CERTA-2013-AVI-454, CERTA-2013-AVI-543, CERTA-2013-AVI-657, CERTFR-2014-AVI-112, CERTFR-2014-AVI-244, CERTFR-2014-AVI-286, CVE-2013-0169, CVE-2013-1619, CVE-2013-1620, CVE-2013-1621, CVE-2013-1622-REJECT, CVE-2013-1623, CVE-2013-1624, DLA-1518-1, DSA-2621-1, DSA-2622-1, ESX400-201310001, ESX400-201310401-SG, ESX400-201310402-SG, ESX410-201307001, ESX410-201307401-SG, ESX410-201307403-SG, ESX410-201307404-SG, ESX410-201307405-SG, ESX410-201312001, ESX410-201312401-SG, ESX410-201312403-SG, ESXi410-201307001, ESXi410-201307401-SG, ESXi510-201401101-SG, FEDORA-2013-2110, FEDORA-2013-2128, FEDORA-2013-2764, FEDORA-2013-2793, FEDORA-2013-2813, FEDORA-2013-2834, FEDORA-2013-2892, FEDORA-2013-2929, FEDORA-2013-2984, FEDORA-2013-3079, FEDORA-2013-4403, FreeBSD-SA-13:03.openssl, GNUTLS-SA-2013-1, HPSBUX02856, HPSBUX02909, IC90385, IC90395, IC90396, IC90397, IC90660, IC93077, JSA10575, JSA10580, JSA10759, Lucky 13, MDVSA-2013:014, MDVSA-2013:018, MDVSA-2013:019, MDVSA-2013:040, MDVSA-2013:050, MDVSA-2013:052, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, openSUSE-SU-2013:0807-1, openSUSE-SU-2016:0640-1, RHSA-2013:0273-01, RHSA-2013:0274-01, RHSA-2013:0275-01, RHSA-2013:0531-01, RHSA-2013:0532-01, RHSA-2013:0587-01, RHSA-2013:0588-01, RHSA-2013:0636-01, RHSA-2013:0782-01, RHSA-2013:0783-01, RHSA-2013:0833-01, RHSA-2013:0834-02, RHSA-2013:0839-02, RHSA-2013:1135-01, RHSA-2013:1144-01, RHSA-2013:1181-01, RHSA-2013:1455-01, RHSA-2013:1456-01, RHSA-2014:0371-01, RHSA-2014:0372-01, RHSA-2014:0896-01, RHSA-2015:1009, SOL14190, SOL15630, SSA:2013-040-01, SSA:2013-042-01, SSA:2013-242-01, SSA:2013-242-03, SSA:2013-287-03, SSRT101104, SSRT101289, SUSE-SU-2013:0328-1, SUSE-SU-2014:0320-1, SUSE-SU-2014:0322-1, swg21633669, swg21638270, swg21639354, swg21640169, 
VIGILANCE-VUL-12374, VMSA-2013-0006.1, VMSA-2013-0007.1, VMSA-2013-0009, VMSA-2013-0009.1, VMSA-2013-0009.2, VMSA-2013-0009.3, VMSA-2013-0015.

Description of the vulnerability

The TLS protocol uses a block encryption algorithm. In CBC (Cipher Block Chaining) mode, the encryption depends on the previous block.

When an incorrectly encrypted message is received, a fatal error message is sent to the sender. However, the time taken to generate this error message depends on the number of valid bytes used by the MAC hash.

An attacker can therefore inject incorrectly encrypted messages into a TLS/DTLS session in CBC mode and measure the delay before the error message is received, in order to progressively guess the plaintext of the session.

Guessing one plaintext block requires 2^23 TLS sessions. To exploit this vulnerability, the TLS client therefore has to keep opening a new session as soon as the previous one has ended with a fatal error.

computer vulnerability bulletin CVE-2012-1541 CVE-2012-1543 CVE-2012-3213

Oracle JRE, JDK, JavaFX: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of Oracle JRE, JDK and JavaFX can be used by a malicious applet/application in order to execute code or to obtain information. A legitimate applet/application, handling malicious data, can also be forced to execute code.
Impacted products: Fedora, HP-UX, IRAD, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, Mandriva Linux, Java OpenJDK, openSUSE, Java Oracle, JavaFX, RHEL, SUSE Linux Enterprise Desktop, SLES, Unix (platform) ~ not comprehensive.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on service, denial of service on client.
Provenance: internet client.
Number of vulnerabilities in this bulletin: 50.
Creation date: 04/02/2013.
Identifiers: 1677352, BID-57670, BID-57681, BID-57682, BID-57683, BID-57684, BID-57685, BID-57686, BID-57687, BID-57688, BID-57689, BID-57690, BID-57691, BID-57692, BID-57693, BID-57694, BID-57695, BID-57696, BID-57697, BID-57699, BID-57700, BID-57701, BID-57702, BID-57703, BID-57704, BID-57705, BID-57706, BID-57707, BID-57708, BID-57709, BID-57710, BID-57711, BID-57712, BID-57713, BID-57714, BID-57715, BID-57716, BID-57717, BID-57718, BID-57719, BID-57720, BID-57721, BID-57722, BID-57723, BID-57724, BID-57725, BID-57726, BID-57727, BID-57728, BID-57729, BID-57730, BID-57731, c03714148, c03725347, c03735640, CERTA-2013-AVI-092, CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0447, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1472, CVE-2013-1473, CVE-2013-1474, CVE-2013-1475, CVE-2013-1476, CVE-2013-1477, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1482, CVE-2013-1483, CVE-2013-1489, FEDORA-2013-1898, FEDORA-2013-2188, FEDORA-2013-2197, FEDORA-2013-2205, FEDORA-2013-2209, HPSBUX02857, HPSBUX02864, HPSBUX02867, IC90659, javacpufeb2013, MDVSA-2013:010, MDVSA-2013:095, openSUSE-SU-2013:0308-1, openSUSE-SU-2013:0312-1, openSUSE-SU-2013:0377-1, RHSA-2013:0236-01, RHSA-2013:0237-01, RHSA-2013:0245-01, RHSA-2013:0246-01, RHSA-2013:0247-01, RHSA-2013:0624-01, RHSA-2013:0625-01, RHSA-2013:0626-01, RHSA-2013:1455-01, RHSA-2013:1456-01, SE-2012-01, SSRT101103, SSRT101156, SUSE-SU-2013:0315-1, SUSE-SU-2013:0440-1, SUSE-SU-2013:0440-2, SUSE-SU-2013:0440-3, SUSE-SU-2013:0440-4, SUSE-SU-2013:0440-6, 
SUSE-SU-2013:0456-1, SUSE-SU-2013:0456-2, SUSE-SU-2013:0456-3, SUSE-SU-2013:0456-4, swg21627634, swg21633311, swg21633669, swg21633674, swg21645096, swg21645100, VIGILANCE-VUL-12368, VU#858729, ZDI-13-010, ZDI-13-011, ZDI-13-012, ZDI-13-013, ZDI-13-022, ZDI-13-023.

Description of the vulnerability

Several vulnerabilities were announced in Oracle JRE, JDK and JavaFX. The most severe vulnerabilities lead to code execution.

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57681, CVE-2013-0437]

An attacker can use a vulnerability of 2D, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57686, CVE-2013-1478]

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57687, CVE-2013-0442]

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57689, CVE-2013-0445]

An attacker can use a vulnerability of AWT, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57691, CVE-2013-1480, ZDI-13-022]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57692, CVE-2013-0441]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57694, CVE-2013-1475]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57696, CVE-2013-1476]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57697, CVE-2012-1541]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57699, CVE-2013-0446]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57700, CVE-2012-3342]

An attacker can use a vulnerability of JMX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57703, CVE-2013-0450]

An attacker can use a vulnerability of JavaFX D3DRendererDelegate, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57706, CVE-2013-1479, ZDI-13-023]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57709, CVE-2013-0425]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57711, CVE-2013-0426]

An attacker can use a vulnerability of Libraries, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57713, CVE-2013-0428]

An attacker can use a vulnerability of Scripting NativeJavaConstructor, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57717, CVE-2012-3213, ZDI-13-011]

An attacker can use a vulnerability of Sound PV_ProcessSampleWithSMOD, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57718, CVE-2013-1481, ZDI-13-010]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57721, CVE-2013-0436]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57725, CVE-2013-0439]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57682, CVE-2013-0447]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57683, CVE-2013-1472]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57684, CVE-2012-4301]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57685, CVE-2013-1477]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57688, CVE-2013-1482]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57693, CVE-2013-1483]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57690, CVE-2013-1474]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57695, CVE-2012-4305]

An attacker can use a vulnerability of Beans, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57701, CVE-2013-0444]

An attacker can use a vulnerability of CORBA, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57710, CVE-2013-0429]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57714, CVE-2013-0419]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57716, CVE-2013-0423]

An attacker can use a vulnerability of JavaFX, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57705, CVE-2012-1543, ZDI-13-012, ZDI-13-013]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57720, CVE-2013-0351]

An attacker can use a vulnerability of Install, in order to obtain information, to alter information, or to create a denial of service. [severity:3/4; BID-57722, CVE-2013-0430]

An attacker can use a vulnerability of AWT, in order to obtain or alter information. [severity:3/4; BID-57727, CVE-2013-0432]

An attacker can use a vulnerability of Deployment, in order to obtain information. [severity:2/4; BID-57704, CVE-2013-0449]

An attacker can use a vulnerability of Deployment, in order to alter information. [severity:2/4; BID-57731, CVE-2013-1473]

An attacker can use a vulnerability of JAX-WS, in order to obtain information. [severity:2/4; BID-57729, CVE-2013-0435]

An attacker can use a vulnerability of JAXP, in order to obtain information. [severity:2/4; BID-57730, CVE-2013-0434]

An attacker can use a vulnerability of JMX, in order to obtain information. [severity:2/4; BID-57728, CVE-2013-0409]

An attacker can use a vulnerability of JMX, in order to obtain information. [severity:2/4; BID-57726, CVE-2013-0431]

An attacker can use a vulnerability of Libraries, in order to alter information. [severity:2/4; BID-57724, CVE-2013-0427]

An attacker can use a vulnerability of Libraries, in order to alter information. [severity:2/4; BID-57723, CVE-2013-0448]

An attacker can use a vulnerability of Networking, in order to alter information. [severity:2/4; BID-57719, CVE-2013-0433]

An attacker can use a vulnerability of RMI, in order to alter information. [severity:2/4; BID-57715, CVE-2013-0424]

An attacker can use a vulnerability of JSSE, in order to create a denial of service. [severity:2/4; BID-57712, CVE-2013-0440]

An attacker can use a vulnerability of Deployment, in order to obtain information. [severity:2/4; BID-57708, CVE-2013-0438]

An attacker can use a vulnerability of JSSE, in order to obtain or alter information. [severity:2/4; BID-57702, CVE-2013-0443]

An attacker can use a vulnerability of Deployment, in order to obtain information, to alter information, or to create a denial of service. [severity:1/4; BID-57707, CVE-2013-1489, SE-2012-01]

vulnerability note CVE-2012-2131

OpenSSL 0.9.8: memory corruption via asn1_d2i_read_bio

Synthesis of the vulnerability

An attacker can use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt memory, which leads to a denial of service or to code execution.
Impacted products: Debian, HP-UX, AIX, Tivoli Workload Scheduler, Junos Space, Mandriva Linux, OpenSSL, Solaris, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Creation date: 24/04/2012.
Identifiers: 1643316, BID-53212, c03333987, CERTA-2012-AVI-286, CERTA-2012-AVI-419, CERTFR-2014-AVI-480, CERTFR-2016-AVI-300, CVE-2012-2131, DSA-2454-2, HPSBUX02782, JSA10659, MDVSA-2012:064, RHSA-2012:0518-01, RHSA-2012:0522-01, SSRT100844, SUSE-SU-2012:0623-1, SUSE-SU-2012:0637-1, VIGILANCE-VUL-11564.

Description of the vulnerability

Version 0.9.8v of OpenSSL was published to correct the vulnerability VIGILANCE-VUL-11559.

However, the vulnerability was not fully corrected by this version.

An attacker can therefore still use malformed ASN.1 data, with an application linked to OpenSSL 0.9.8, in order to corrupt memory, which leads to a denial of service or to code execution.

computer vulnerability note CVE-2012-2110

OpenSSL: memory corruption via asn1_d2i_read_bio

Synthesis of the vulnerability

An attacker can use malformed ASN.1 data, with an application linked to OpenSSL, in order to corrupt memory, which leads to a denial of service or to code execution.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, IVE OS, Junos Pulse, Junos Space, Juniper SA, Juniper SBR, Mandriva Linux, NetBSD, NetScreen Firewall, ScreenOS, OpenBSD, OpenSSL, openSUSE, Solaris, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES, ESX.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: document.
Creation date: 19/04/2012.
Identifiers: 1643316, BID-53158, c03333987, CERTA-2012-AVI-224, CERTA-2012-AVI-286, CERTA-2012-AVI-419, CERTA-2012-AVI-479, CERTFR-2014-AVI-480, CERTFR-2016-AVI-300, CVE-2012-2110, DSA-2454-1, ESX350-201302401-SG, ESX400-201209001, ESX400-201209401-SG, ESX400-201209402-SG, ESX400-201209404-SG, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, FEDORA-2012-6395, FEDORA-2012-6403, FreeBSD-SA-12:01.openssl, HPSBUX02782, JSA10659, KB27376, MDVSA-2012:060, NetBSD-SA2012-001, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, PSN-2012-09-712, PSN-2013-03-872, PSN-2013-05-941, RHSA-2012:0518-01, RHSA-2012:0522-01, RHSA-2012:1306-01, RHSA-2012:1307-01, RHSA-2012:1308-01, SOL16285, SSRT100844, SUSE-SU-2012:0623-1, SUSE-SU-2012:0637-1, SUSE-SU-2012:1149-1, SUSE-SU-2012:1149-2, VIGILANCE-VUL-11559, VMSA-2012-0003.1, VMSA-2012-0005.2, VMSA-2012-0005.3, VMSA-2012-0008.1, VMSA-2012-0013, VMSA-2012-0013.1, VMSA-2013-0001.2, VMSA-2013-0003.

Description of the vulnerability

X.509 certificates are encoded with ASN.1 (Abstract Syntax Notation One).

OpenSSL uses BIOs, which are data streams that a program can write to or read from.

The asn1_d2i_read_bio() function of OpenSSL decodes ASN.1 data coming from a BIO.

However, this function casts the size of ASN.1 objects to signed integers (whereas "size_t" is unsigned). If the announced size of an object is greater than 0x80000000, an allocation error thus occurs, and memory is corrupted.

The asn1_d2i_read_bio() function is used by several OpenSSL functions. Note: SSL/TLS clients/servers do not use this function, and are thus not vulnerable (there are exceptions if d2i_X509_bio() is called). However, S/MIME or CMS applications are vulnerable.

An attacker can therefore use malformed ASN.1 data, with an application linked to OpenSSL, in order to corrupt memory, which leads to a denial of service or to code execution.
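
The narrowing described above, as an added example (not OpenSSL source and not part of the bulletin): a DER length header announcing 0x80000000 bytes turns negative once stored in an `int`, while the hardened path keeps the value in `size_t` and rejects it against a caller-chosen cap. The function names, the cap and the sample bytes are constructed for illustration.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added illustration; helper names are hypothetical, not OpenSSL's. */
enum { DER_OK = 0, DER_TRUNCATED = -1, DER_BAD_FORM = -2, DER_TOO_LARGE = -3 };

/* Parse the tag byte and length field of one DER object.
 * On success, stores the announced body size (unsigned) and header size. */
int der_read_header(const uint8_t *buf, size_t buflen,
                    size_t *body_len, size_t *hdr_len)
{
    if (buflen < 2)
        return DER_TRUNCATED;
    uint8_t first = buf[1];               /* buf[0] is the tag */
    if ((first & 0x80) == 0) {            /* short form: length in 7 bits */
        *body_len = first;
        *hdr_len = 2;
        return DER_OK;
    }
    size_t n = first & 0x7f;              /* long form: n length bytes follow */
    if (n == 0 || n > sizeof(size_t))     /* indefinite or unrepresentable */
        return DER_BAD_FORM;
    if (buflen < 2 + n)
        return DER_TRUNCATED;
    size_t len = 0;
    for (size_t i = 0; i < n; i++)
        len = (len << 8) | buf[2 + i];
    *body_len = len;
    *hdr_len = 2 + n;
    return DER_OK;
}

/* Flawed pattern from the bulletin: the unsigned size is narrowed to int.
 * The conversion is implementation-defined; mainstream compilers wrap
 * 0x80000000 to a negative number, which later size arithmetic trusts. */
int flawed_want(size_t announced)
{
    return (int)announced;
}

/* Hardened pattern: stay in size_t and bound the value before any
 * allocation or pointer arithmetic. max_body is a caller policy limit. */
int checked_want(size_t announced, size_t max_body, size_t *want)
{
    if (announced > (size_t)INT_MAX || announced > max_body)
        return DER_TOO_LARGE;
    *want = announced;
    return DER_OK;
}

/* Constructed input: OCTET STRING (tag 0x04) announcing 0x80000000 bytes. */
static const uint8_t sample_huge[] = { 0x04, 0x84, 0x80, 0x00, 0x00, 0x00 };
/* Constructed input: OCTET STRING with a 3-byte body. */
static const uint8_t sample_ok[] = { 0x04, 0x03, 0x61, 0x62, 0x63 };

int main(void)
{
    size_t body = 0, hdr = 0, want = 0;

    if (der_read_header(sample_huge, sizeof sample_huge, &body, &hdr) == DER_OK) {
        printf("announced=%zu as int=%d checked=%d\n",
               body, flawed_want(body), checked_want(body, 1u << 20, &want));
    }
    if (der_read_header(sample_ok, sizeof sample_ok, &body, &hdr) == DER_OK) {
        printf("announced=%zu as int=%d checked=%d\n",
               body, flawed_want(body), checked_want(body, 1u << 20, &want));
    }
    return 0;
}
```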

computer vulnerability bulletin CVE-2011-4619

OpenSSL: denial of service via SGC

Synthesis of the vulnerability

An attacker can use the handshake restart feature of SGC without the Client Hello message, in order to create a denial of service.
Impacted products: BIG-IP Hardware, TMOS, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, IVE OS, Junos Pulse, Juniper SA, OpenSSL, openSUSE, Solaris, JBoss EAP by Red Hat, ESX, ESXi, VMware vSphere, VMware vSphere Hypervisor.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 13/03/2012.
Identifiers: 1643316, c03333987, CERTA-2012-AVI-286, CERTA-2012-AVI-479, CVE-2011-4619, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, ESXi410-201208101-SG, ESXi500-201212102-SG, FreeBSD-SA-12:01.openssl, HPSBUX02782, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, PSN-2012-09-712, RHSA-2012:1306-01, RHSA-2012:1307-01, RHSA-2012:1308-01, SOL15389, SOL15461, SSRT100844, VIGILANCE-VUL-11428, VMSA-2012-0005.2, VMSA-2012-0012.1, VMSA-2012-0012.2, VMSA-2012-0013, VMSA-2012-0013.2, VMSA-2013-0003.

Description of the vulnerability

The SGC (Server Gated Cryptography) technology processes weak algorithms/keys. It is considered obsolete.

An attacker can use the handshake restart feature of SGC without the Client Hello message, in order to create a denial of service.

This vulnerability results from a faulty correction for CVE-2011-4619 (VIGILANCE-VUL-11257).

computer vulnerability announce CVE-2012-0884

OpenSSL: Bleichenbacher attack on CMS and PKCS7

Synthesis of the vulnerability

The Bleichenbacher attack can be used against the OpenSSL implementation of CMS and PKCS#7, in order to obtain clear text information, using 2^20 messages.
Impacted products: IPSO, Debian, Fedora, FreeBSD, HP-UX, AIX, Tivoli Workload Scheduler, IVE OS, Junos Pulse, Juniper SA, Mandriva Linux, OpenSSL, openSUSE, Solaris, RHEL, JBoss EAP by Red Hat, SUSE Linux Enterprise Desktop, SLES.
Severity: 1/4.
Consequences: data reading.
Provenance: document.
Creation date: 12/03/2012.
Identifiers: 1643316, BID-52428, c03333987, CERTA-2012-AVI-134, CERTA-2012-AVI-286, CERTA-2012-AVI-419, CVE-2012-0884, DSA-2454-1, FEDORA-2012-4659, FEDORA-2012-4665, FreeBSD-SA-12:01.openssl, HPSBUX02782, MDVSA-2012:038, openSUSE-SU-2012:0547-1, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, PSN-2012-09-712, RHSA-2012:0426-01, RHSA-2012:1306-01, RHSA-2012:1307-01, RHSA-2012:1308-01, sk76360, SSRT100844, SUSE-SU-2012:0479-1, VIGILANCE-VUL-11427.

Description of the vulnerability

The PKCS#7 format is used to represent a signed or encrypted document. CMS (Cryptographic Message Syntax) is an improvement of PKCS#7. S/MIME used PKCS#7, and now uses CMS. TLS/SSL uses neither PKCS#7 nor CMS.

In 1998, Daniel Bleichenbacher proposed an attack to detect whether clear data belong to encrypted data in a PKCS#1 block. This attack is named the "Million Message Attack" because it requires querying an oracle numerous times.

However, the Bleichenbacher attack can be used against the OpenSSL implementation of CMS and PKCS#7, in order to obtain clear text information, using 2^20 messages.

computer vulnerability bulletin CVE-2012-0050

OpenSSL: denial of service via DTLS

Synthesis of the vulnerability

An attacker can send a short DTLS message, in order to force OpenSSL to read at an invalid memory address, which stops the application.
Impacted products: Debian, BIG-IP Hardware, TMOS, Fedora, HP-UX, AIX, Tivoli Workload Scheduler, Mandriva Linux, NetBSD, OpenSSL, openSUSE, Solaris, ESX, ESXi, VMware vSphere, VMware vSphere Hypervisor.
Severity: 1/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 19/01/2012.
Identifiers: 1643316, BID-51563, c03169289, CERTA-2012-AVI-028, CERTA-2012-AVI-479, CVE-2012-0050, DSA-2392-1, ESX410-201208101-SG, ESX410-201208102-SG, ESX410-201208103-SG, ESX410-201208104-SG, ESX410-201208105-SG, ESX410-201208106-SG, ESX410-201208107-SG, ESXi410-201208101-SG, ESXi500-201212102-SG, FEDORA-2012-0702, FEDORA-2012-0708, HPSBUX02737, MDVSA-2012:011, openSUSE-SU-2012:0266-1, openSUSE-SU-2013:0336-1, openSUSE-SU-2013:0337-1, openSUSE-SU-2013:0339-1, SOL15417, SSRT100747, VIGILANCE-VUL-11308, VMSA-2012-0005.2, VMSA-2012-0012.1, VMSA-2012-0012.2, VMSA-2012-0013, VMSA-2012-0013.2, VMSA-2013-0003.

Description of the vulnerability

The DTLS (Datagram Transport Layer Security) protocol, based on TLS, provides a cryptographic layer over the UDP protocol.

The dtls1_process_record() function of the ssl/d1_pkt.c file analyzes the received DTLS message. However, if the message size is shorter than the MAC (Message Authentication Code) size, the dtls1_process_record() function uses a negative rr->length value as the index of an array to read.

An attacker can therefore send a short DTLS message, in order to force OpenSSL to read at an invalid memory address, which stops the application.
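
The length check this bulletin turns on, as an added example (not OpenSSL's dtls1_process_record(); the names, the 20-byte MAC size and the sample records are assumptions made for illustration): the unchecked subtraction goes negative for a record shorter than the MAC, and the hardened splitter drops such a record before any offset is computed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DEMO_MAC_SIZE 20u   /* assumed tag length (HMAC-SHA1 produces 20 bytes) */

struct demo_record {        /* hypothetical stand-in for a received record */
    const uint8_t *data;
    size_t length;
};

struct demo_split {
    const uint8_t *payload;
    size_t payload_len;
    const uint8_t *mac;
};

/* Flawed arithmetic: the MAC offset is derived without checking the record
 * length first. Returns the signed value that would then index the buffer. */
long flawed_mac_offset(size_t rec_len, size_t mac_size)
{
    return (long)rec_len - (long)mac_size;
}

/* Hardened split: refuse any record that cannot contain a full MAC, and
 * only then compute where the payload ends and the MAC begins. */
int split_record(const struct demo_record *rec, size_t mac_size,
                 struct demo_split *out)
{
    if (rec == NULL || rec->data == NULL || rec->length < mac_size)
        return -1;
    out->payload = rec->data;
    out->payload_len = rec->length - mac_size;   /* cannot wrap: checked above */
    out->mac = rec->data + out->payload_len;
    return 0;
}

/* Process a batch of datagram records: a malformed record is dropped and
 * counted, and processing continues with the next one. */
size_t process_batch(const struct demo_record *recs, size_t n,
                     size_t mac_size, size_t *dropped)
{
    size_t accepted = 0;
    *dropped = 0;
    for (size_t i = 0; i < n; i++) {
        struct demo_split s;
        if (split_record(&recs[i], mac_size, &s) != 0) {
            (*dropped)++;
            continue;
        }
        accepted++;             /* MAC verification would happen here */
    }
    return accepted;
}

/* Constructed samples: 4-byte payload + MAC, a 5-byte runt, a MAC-only record. */
static const uint8_t rec_full[24] = { 'p', 'i', 'n', 'g' };
static const uint8_t rec_short[5] = { 1, 2, 3, 4, 5 };
static const uint8_t rec_maconly[20] = { 0 };

static const struct demo_record sample_batch[] = {
    { rec_full, sizeof rec_full },
    { rec_short, sizeof rec_short },
    { rec_maconly, sizeof rec_maconly },
};

int main(void)
{
    size_t dropped = 0;
    size_t ok = process_batch(sample_batch, 3, DEMO_MAC_SIZE, &dropped);
    printf("unchecked offset for 5-byte record: %ld\n",
           flawed_mac_offset(sizeof rec_short, DEMO_MAC_SIZE));
    printf("accepted=%zu dropped=%zu\n", ok, dropped);
    return 0;
}
```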